RDH suffers ransomware attack

Rangely District Hospital (RDH) will send notices this week to patients whose records may have been involved in a ransomware attack in April 2020.

According to a press release issued June 8, parts of the hospital’s computer network were attacked by ransomware, including some files containing patients’ health information and other files necessary to view certain patient information.

Ransomware is a type of computer virus that encrypts files and demands that a ransom payment be made in order to unlock (decrypt) the files. RDH did not pay any ransom, and has since recovered many of the files from backups and other sources. 

“There is no indication that any files with personal health information were exported or viewed by any unauthorized person as a result of the incident,” the press release states, but breach notification letters are being sent to involved patients for whom RDH has current mailing addresses.

Software used by the hospital to access some database records entered between August 2012 and August 2017 was infected by ransomware, causing loss of access. Home health services records entered between June 2019 and April 9, 2020. Records affected may include names, dates of birth, social security numbers, addresses, telephone numbers, driver’s license copies, dates of service or hospital admissions, diagnoses and conditions, treatment or procedure notes and orders, imaging studies, medications, and health insurance and claims and billing information. No credit card/debit card or bank account information was involved, and none of the files was viewed or exported from the hospital’s systems. 

“The investigation [by the hospital and a national cybersecurity firm] determined that the ransomware was launched to lock RDH out of its files in an effort to extort money; it did not result in viewing or exporting of files containing any patients’ health information. The ransomware was an automated file-encryption process. RDH has not determined who is behind the ransomware but has reported this cybercrime to local and federal law enforcement officials,” the press release states.

RDH has since made changes to protect its network, is researching additional data backup options, and taken additional steps to protect its data in the future. 

Although there was no indication that personal information was viewed or exported, RDH recommends that individuals review their financial statements and credit reports. Individuals can obtain information about placing fraud alerts and security freezes from the Federal Trade Commission and the three national credit reporting agencies at the toll-free numbers, websites, or mailing addresses as follows: